From a0d9892acc97fe7e8eb8d83ee3033816394bcd22 Mon Sep 17 00:00:00 2001 From: matthew-pilot Date: Sat, 30 May 2026 15:57:44 +0000 Subject: [PATCH] fix(tests): generate random TestAdminToken per run instead of hardcoded secret Previously, TestAdminToken was a const set to "test-admin-secret" and used across 27 test files. If a test environment leaked into staging or production (CI runner mis-tagged, devcontainer copied), the predictable token would be an instant compromise. This change replaces the const with a var initialized via crypto/rand at package init time, prefixed with sk-test- so the redaction-test regex catches any leaked instance in log captures. Closes PILOT-296 --- tests/testenv.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/tests/testenv.go b/tests/testenv.go index 026e1be5..6a79dd51 100644 --- a/tests/testenv.go +++ b/tests/testenv.go @@ -4,7 +4,9 @@ package tests import ( "context" + crand "crypto/rand" "encoding/base64" + "encoding/hex" "fmt" "net" "os" @@ -50,7 +52,17 @@ func resolveLocalAddr(addr net.Addr) string { } // TestAdminToken is the admin token used in tests for network creation. -const TestAdminToken = "test-admin-secret" +// Generated randomly at init time so that a test environment accidentally +// deployed against staging/production won't share a predictable secret. +var TestAdminToken string + +func init() { + b := make([]byte, 32) + if _, err := crand.Read(b); err != nil { + panic("failed to generate random admin token: " + err.Error()) + } + TestAdminToken = "sk-test-" + hex.EncodeToString(b) +} // TestEnv manages a complete Pilot Protocol test environment with // OS-assigned ports and proper readiness signaling (no time.Sleep).